| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
| |
For ext2/3/4 we have to have errors=continue because the image
can contain errors=panic flag and can legally crash kernel.
Fixes #599
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Update #533
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
We see some crashes that suggest corruption of the syscall number:
invalid command number 1296 (errno 11)
invalid command number 107 (errno 110)
Make the table and the number constant to prevent corruption.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Disable zx_task_kill until we figure out how to prevent executor from killing fuzzer.
Update #594
|
| |
|
|
|
| |
In several places we assume that -1 is failure and 0 is OK.
Use this convention for fuchsia as well.
|
| |
|
|
| |
The call signature has changed in zircon.
|
| |
|
|
| |
It's removed from latest zircon sources.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The id field in the v4l2_event_subscription structure
currently described as: id len[type, int32].
But all the documentation states is:
"id - ID of the event source. If there is no ID associated
with the event source, then set this to 0. Whether or not
an event needs an ID depends on the event type."
So, the documentation clearly states that:
1. id - is the source of an event
2. type - is the type of an event
3. for some types of events there is no source and id can be 0
According to this 'id int32' is more accurate description of
the field.
|
| |
|
|
|
| |
1. lazytime && nolazytime for xfs
2. nossd_spread for btrfs
|
| |
|
|
|
|
|
| |
1. Comment with clarification on how to run qemu added.
2. Fixed description of int type.
Signed-off-by: Denis Efremov <efremov@linux.com>
|
| | |
|
| |
|
|
| |
Signed-off-by: Denis Efremov <efremov@linux.com>
|
| |
|
|
| |
Signed-off-by: Denis Efremov <efremov@linux.com>
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Add separate options to minimize netdevices setup and net namespace reset.
Fixes #581
|
| | |
|
| | |
|
| |
|
|
|
| |
Turns out it's protection of kcov region that causes coverage drop.
Revert it and re-enable coverage filtering.
|
| |
|
|
|
| |
This causes very significant drop in corpus size. Needs additional debugging.
Revert for now.
|
| |
|
|
|
| |
We only write to the first page of kcov region.
Protect the rest from the fuzzer.
|
| |
|
|
|
|
| |
New measures still does not help against fuzzer producing
fake corrupted coverage.
Try to terminate instantly as we detect bad coverage.
|
| |
|
|
|
| |
Fuzzer manages to corrupt output region and write random coverage again and again.
Do a sanity range check on coverage PCs to filter out invalid ones.
|
| |
|
|
|
| |
Fuzzer manages to corrupt output region and write random coverage again and again.
Randomize output region addr to make it harder.
|
| |
|
|
|
|
|
|
|
| |
gcc8 is stricter when dealing with strings and strncpy and demands that
the size of the actual string to be copied to be explicitly smaller than
the size of the destination, just to make sure the NULL terminator is
taken into considerantion. This patch fixes the issue.
Signed-off-by: Ioana Ciornei <ciorneiioana@gmail.com>
|
| |
|
|
|
| |
Now generated on:
https://source.codeaurora.org/quic/la/kernel/msm-4.9 msm-4.9
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
For now other arches are regenerated on upstream tree.
It does not contain a bunch of consts, so we define them to 1 for now.
arm64 consts are left intact.
video4linux.txt is added to "android" files in syz-extract,
so that future make extract runs don't overwrite arm64 consts.
Also fix VIDIOC_G_FBUF argument direction, currently tests crash with:
panic: call ioctl$VIDIOC_G_FBUF: pointer arg 'buffer' has output direction [recovered]
panic: call ioctl$VIDIOC_G_FBUF: pointer arg 'buffer' has output direction
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update #533
As TC(net sched) is a large group, I separate it from socket_netlink_route.txt.
Currently I only implement the framework with two qdisc/tclass/filters.
I will add the others later.
v2: Fix tcm_handle major and minor order. Add tcm_handle_offsets.
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
|
| |
|
|
| |
Update #538
|
| |
|
|
|
|
|
|
|
| |
Move generated files to gen subdir. This allows to:
1. Rebuild init.go without rebuilding generated code.
2. Excluding generated files from gometalinter checking.
This makes faster and consume less memory.
Update #538
|
| |
|
|
| |
Update #538
|
| |
|
|
| |
Update #538
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Describe block device ioctls.
Describe sg device ioctls.
Add few more devices.
|
| | |
|
| |
|
|
|
| |
Slightly extend namespace descriptions and move
them to a separate file.
|
| |
|
|
| |
Detect kernel bitness and properly extract coverage on 32-bit kernels.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Also fix RTA_MULTIPATH data type. We only need struct rtnexthop,
no need to use array type.
v1 -> v2:
Use uid and sock_port instead of int32/16. Use flags for FRA_PROTOCOL
and FRA_IP_PROTO.
Add type fib_rule_hdr because even though the structure is same with rtmsg.
The table, action and flags values are not same.
Signed-off-by: Hangbin Liu <liuhangbin@gmail.com>
|
| |
|
|
|
|
| |
Check in checkpoint_iptables is not enough as
reset_iptables will fail even if no tables enabled.
Add similar check to reset_iptables.
|
| |
|
|
| |
Images of some filesystems need to be that large (xfs, btrfs, f2fs).
|
| | |
|
